Extortion spam emails have raked in INR 1.5 Crore since August 2018: eScan

October 11, 2018

Although Bitcoin has been most volatile in the past few years, this has not deterred criminals from collecting their bits of Bitcoin. When we talk about extortion, we have seen the emergence and effectiveness of Ransomware using Bitcoin and other forms of crypto-currencies. We have also seen crypto-currency miners (Monero, for instance) being deployed on hacked servers/systems, so as to take advantage of the computational resources and generate crypto-currencies. Lately, however, we have seen a rising trend in extortion emails asking for Bitcoins.

These emails are in plain text format and warn the recipient that malware was deployed on an adult porn site. The mails also explain in brief how the recipient’s webcam was hacked, a keylogger was deployed and the login credentials were stolen. The email further states that a video was captured while the recipient was busy visiting the adult porn site, and the recipient is threatened with dire consequences, viz. sharing of the video with those present in the stolen address book.

Similar to Ransomware and Miner attacks, this scam also relies on the anonymity provided by crypto-currencies. It’s a simple plain text threat, based on the premise that the recipient has visited some porn site. The criminals have, in most cases, successfully instilled fear and social stigma in the minds of the email recipients.

eScan’s research team has been analyzing and tracking these emails and, most importantly, the Bitcoin addresses found in these mails. The modus operandi of the criminals is to:

  1. Create a Bitcoin address for every spam campaign.
  2. If recipients do pay the extortion amount, the BTC is broken down and transferred to multiple Bitcoin wallets, so that researchers find it difficult to track the transactions.
  3. The breakdown and subsequent transfer of the BTC is repeated a couple of times; hence at the end of the third iteration we have close to 100 BTC wallets.
  4. Finally, all these wallets are consolidated and the BTC is transferred to one single wallet.
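
The split-then-consolidate pattern in steps 2 to 4 can be followed by walking the payment graph outward from the campaign address. The sketch below is an added example, not eScan's tooling: the ledger is constructed, the wallet labels are placeholders, and the fan-out of 4 and the `min_sources` threshold are assumptions.

```python
from collections import defaultdict

def build_sample_ledger(fanout=4, rounds=3):
    """Constructed ledger of (sender, receiver, btc): the campaign wallet is
    split `rounds` times, then every last-layer wallet pays one sink."""
    txs, layer, counter = [], [("campaign", 1.0)], 0
    for r in range(1, rounds + 1):
        nxt = []
        for src, amt in layer:
            for _ in range(fanout):
                counter += 1
                dst = f"hop{r}-w{counter}"          # placeholder label
                txs.append((src, dst, amt / fanout))
                nxt.append((dst, amt / fanout))
        layer = nxt
    txs += [(src, "sink", amt) for src, amt in layer]
    return txs

def trace(txs, start):
    """Breadth-first walk of outgoing payments; returns new wallets per hop."""
    out = defaultdict(set)
    for src, dst, _ in txs:
        out[src].add(dst)
    seen, frontier, hops = {start}, {start}, []
    while frontier:
        frontier = {d for s in frontier for d in out[s]} - seen
        if frontier:
            hops.append(sorted(frontier))
            seen |= frontier
    return hops

def consolidation_points(txs, traced, min_sources=10):
    """Wallets funded by many distinct traced wallets (likely consolidation)."""
    sources = defaultdict(set)
    for src, dst, _ in txs:
        if src in traced:
            sources[dst].add(src)
    return {w: len(s) for w, s in sources.items() if len(s) >= min_sources}

if __name__ == "__main__":
    ledger = build_sample_ledger()
    hops = trace(ledger, "campaign")
    traced = {"campaign"} | {w for hop in hops for w in hop}
    print("wallets per hop:", [len(h) for h in hops])
    print("consolidation:", consolidation_points(ledger, traced))
```

On real data the same walk would run over transactions exported from a block explorer, and the hop at which the wallet count collapses back to one marks the consolidation wallet.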

During the course of research, we came across numerous wallets, one of which (3FJDeT2E1fWb4oZBeub4MH9ennUp5e4QG6) had received around 31 BTC that were then sent on to other wallets. The criminals have sometimes transferred the BTC to escrow accounts / exchanges to further anonymize the funds or convert them into cash. At the existing exchange rate of BTC, the wallet was worth 1,49,09,139 INR, and thus the spam campaign can be considered highly profitable and successful.

Some of the BTC addresses of the campaign:


Due to the anonymity provided, it is impossible to track the identity of the wallet owner. Since the month of August 2018, there has been a steady increase in these extortion spam mails.

According to eScan researchers, these mails are part of a spam campaign, and they advise that recipients shouldn’t reply to these emails. However, since this campaign is in its nascent stages, there is a possibility that in the near future the emails might be weaponized with the usual variants.

Prevention Measures:

  1. Do not reply to these emails at all.
  2. Install and Configure eScan with all security modules active:
    • eScan Real Time Monitoring
    • eScan Proactive protection
    • eScan Firewall IDS/IPS Intrusion prevention
  3. Users shouldn’t enable macros in documents.
  4. Organizations should deploy and maintain a backup solution.
  5. Most important, Organizations should implement MailScan at the Gateway Level for mail servers, to contain the spread of suspicious attachments.

eScan Marks 25 Years of Success in the IT Security Industry; Celebrates with Its PAN India Partners

September 6, 2018

Going stronger on security, eScan launched 10 Users Anti-Virus Total Protection for SOHO

DELHI, India September 6, 2018 – eScan, one of the leading Total security solution developers, turned 25 this year. To commemorate this milestone event, eScan hosted a ‘Mega Event’ for its PAN India partners in association with KK Software Pvt Ltd. They also introduced eScan Anti-Virus Total Protection with 10 Users for the SOHO section. The event was held at Radisson Blu Hotel, New Delhi, and witnessed around 100 partners from all over India.

During the event, eScan showcased and educated the partners about its latest products and new solutions for IT security. They also announced beneficial channel schemes that will benefit eScan’s privileged channel partners with good value proposition and profits. Further, channel partners were given awards and recognition to motivate and keep the partners committed to build, develop and sustain long-term and healthy relationships with us.

eScan launched a special offer for the partners in association with KK Software Pvt. Ltd. The offer includes various trips to Switzerland, Pattaya and Goa to be claimed by the partners on purchase of certain number of eScan Anti-Virus with Total Protection and eScan Internet Security Suite box products. eScan values its relationship with the channel partners and with this scheme, rewards their commitment for their contribution to make the company reach the end users.


“On behalf of the entire eScan team, we would like to sincerely thank everyone who helped us reach this milestone. The last 25 years have been filled with challenges, hard work, dedication, innovation and a lot of success. All these years as industry leaders, we have always pushed our limits by reinventing and consistently delivering the best of class security solutions. We promise to continue this momentum to stay ahead in the game so that our partners as well as our customers can get the best that the industry has to offer,” said Mr Sunil Kripalani, Senior Vice President, Global Sales and Marketing, eScan.

Mr RK Balu, General Manager, eScan, said, “eScan today boasts of worldwide reach for its solid R&D and customization abilities. Our channel partners play a very significant role in the many milestones we have achieved in the last 25 years. We believe that with the new IT security solutions that we have launched, it will help us immensely to get into a much bigger growth in the coming years.”

eScan Anti-Virus Total Protection, designed for home and small office users, is a comprehensive Anti-Virus and Content Security Solution that provides complete protection to your computers against malicious content and security threats, such as Ransomware, Spyware, Adware, Keyloggers, Rootkits, Botnets, Phishing and more. eScan’s range of security solutions are certified by Global testing bodies like AV Test, AV Comparatives’ Real World Test & Real Protection Test and VB 100 Test and many others.

# # #

About eScan

eScan is an ISO (27001) certified pure play enterprise security solution company with over 2 decades of expertise in developing IT security solutions. eScan today has a presence in 12 countries through its offices and subsidiaries. It also boasts of a robust channel partner network of more than 50,000 partners spread across 190 countries worldwide. It is trusted by more than 6,500 enterprise and corporate users spread across various industry segments such as Government, BFSI, Education, Defense, Telecom, IT & ITeS, Infrastructure, Hospitality, and Healthcare worldwide.

It is powered by some of the latest and innovative technologies, such as Proactive Behavioral Analysis Engine (PBAE) Technology, MicroWorld Winsock Layer (MWL) Technology, Domain & IP Reputation Check (DIRC) Technology, Non-Intrusive Learning Pattern (NILP) Technology, and sophisticated Anti-Virus Heuristic Algorithms that not only provide protection from current threats, but also provide proactive protection against the ever-evolving cyber threats. eScan provides a 24×7 free remote support facility to give its esteemed users real-time solutions for security related issues.

For more information, visit www.escanav.com


eScan Expands its Universe of Incentives for its Channel Partners

July 26, 2018

MUMBAI, India – July 26, 2018 – eScan Total security solution completes its 25 years in the IT security industry this 2018. What is the best way to celebrate it other than with the esteemed channel partners? eScan has introduced a special incentive program for its esteemed channel partners all over India to acknowledge and reward the efforts and support shown by them to boost the sales of eScan. The offer includes various gifts like a trip to Goa and Udaipur, gold coins, backpacks, helmets, umbrellas etc. to be claimed by the partners for their outstanding sales contribution for July-August-September 2018.

The specially designed program is valid on fresh purchase of eScan’s products of the SOHO segment which includes eScan Total Security Suite, eScan Internet Security Suite etc. eScan values its relationship with the channel partners and with this scheme rewards their commitment for their contribution to make the company reach the end users.

Being a channel oriented brand, eScan aims to reach out to more partners to expand its partner base. This special offer has been created to encourage partners to participate in the program and get various gifts with a minimum purchase of Rs. 6,000 onwards up to Rs. 75,000. The partners have to register themselves on the Touch Point Network (TPN) Reward program, created by eScan for more benefits to the partners. (http://tpn.escanav.com/)

Talking about the offer, Mr RK Balu, General Manager, Channel Sales (Retail and SMB) for India at eScan said, “Our partners have always been a great support to us in achieving our goals and we wish to continue this relationship to achieve more. These special offers introduced for partners are our way to recognize their support and sales achievements of eScan’s products. We are committed to drive the channel excitement and motivation with such channel incentive programs in the coming times.”

eScan’s range of security solutions are certified by Global testing bodies like AV Test, AV Comparatives’ Real World Test & Real Protection Test and VB 100 Test and many others.



eScan detects a new wave of Ransomware affecting India

July 23, 2018

Last year WannaCry created havoc across the globe, and due to its lateral movement it penetrated networks and skipped across countries and continents. The security community has been highly proactive in taking down the infrastructure associated with WannaCry; however, due to its ability to move across networks, eScan observes that it still exists in its dormant form.

eScan’s telemetry servers have been picking up artefacts reminiscent of WannaCry Ransomware on a regular basis. Over the last few months, we have observed a steady decrease of incidents involving WannaCry, and hopefully by the year end WannaCry should meet the same fate as that of the Conficker Worm / DNS Changer Botnet.

We have been observing various variants and newer Ransomware being added into the family; however, very few have seen active development, viz. GandCrab and ZZZ*. In the last few weeks, GandCrab has taken center-stage and is evolving at a much faster rate, which suggests that the Ransomware Developer / Criminal nexus is growing stronger and many of the criminals are now switching their loyalties to GandCrab due to the sheer fact that the developers are taking keen interest and adding numerous weapons to its arsenal.

The next step of evolution for Ransomware would be Crypto miners with Info stealers and a Ransomware all bundled into one.

India has seen its share of Ransomware attacks, with Maharashtra leading the way for the week. However, in states like Gujarat, Telangana, Uttar Pradesh and Kerala we have observed a rise in activity of GandCrab Ransomware attacks, while the xtbl, korean, Dharma and CrySiS variants of the Ransomware family are still making the rounds.

Prevention Measures:

  • To stay safe from such ransomware attacks, all organizations and users need to ensure that the patches released by Microsoft are applied immediately.
  • Administrators should block all executable files from being transmitted via emails.
  • Administrators should isolate the affected system in the Network.
  • Administrators can restore the encrypted files from the backup or from a system restore point (if enabled) for affected systems.
  • Install and Configure eScan with all security modules active:
    • eScan Real Time Monitoring
    • eScan Proactive protection
    • eScan Firewall IDS/IPS Intrusion prevention
  • Users shouldn’t enable macros in documents.
  • Organizations should deploy and maintain a backup solution.
  • Most important, Organizations should implement MailScan at the Gateway Level for mail servers, to contain the spread of suspicious attachments.

Maharashtra ranks No. 1 in the Ransomware attacks reveals eScan report

July 4, 2018

According to a threat report revealed by eScan, the state of Maharashtra recorded the highest number of Ransomware attacks in the month of June, 2018. The top 5 states in the list were:

  1. Maharashtra 56%
  2. Delhi 13%
  3. Gujarat 12%
  4. Telangana 9%
  5. Tamil Nadu 9%

Globally active Ransomware attacks had come to India long ago and made the country 5th most attacked in the World and 3rd most attacked in Asia. According to the statistics by eScan there were 20.77% Ransomware attacks across the globe while India recorded 22.94% in the month of June, 2018.

India’s quick progress to a cashless economy since the demonetization drive in 2016 has uncovered new roads for digital dangers all over the country. Major organizations, including banks, airports, telecom networks and stock markets, where older versions of the Windows operating system have been in use, get affected by Ransomware. The simple accessibility of mobile devices and mobile data has brought in ease of access at the cost of cyber threats. Hence it is high time to address the issue of digital literacy in the country. It is very important that organizations with critical infrastructure take precautions to shield themselves against crippling Ransomware attacks.

eScan Advisory:

  • Update security patches regularly: It is very critical to keep your mobile device fully updated. Now that vulnerabilities have been discovered that can be exploited using JavaScript, updating the browsers as and when new versions are made available would be the best defense for your mobile.
  • Desktop/Servers: Ensure that the installed Antivirus has enabled the registry key on Windows Machines, as mandated by Microsoft, as this would ensure that the Antivirus has been tested and is compatible with the patches provided by Microsoft.
  • Be cautious while downloading applications: Avoid installing applications from the internet. Use the Google Playstore or App store as provided in the device.
  • Ensure Backup: Always keep a backup of the data on the device/system before formatting it.
  • Upgrade your device: Many times mobile devices do not get updates after the software and hardware have become old. The companies keep upgrading the versions of the mobile device and systems with the latest security patches applied.

For Real-time Insights by eScan:

https://escanav.com/en/threat-report/

https://escanav.com/en/threat-report/country-wise.asp

